Saturday, September 11, 2010

An automated backup strategy is the key to avoiding tears when your hard drive inevitably fails.

With Apple machines, this is typically handled at the desktop level with an external drive and TimeMachine. (Incidentally I'm partial to the OtherWorldComputing on-the-go's myself since they don't need a power adapter...)

The problem with TimeMachine and local backups, in an enterprise context, is that it's hard to tell whether people are actually backing things up or not. What if the TimeMachine drive has failed for some reason? You will keep right on living without realizing that your user (or perhaps you) isn't actually backing anything up successfully.

This is exactly the sort of problem that monitoring systems are supposed to solve, and my personal choice for monitoring is still nagios (though I hear good things about OpenNMS). You don't strictly need a monitoring system - you could just have the script send you mail, as in my previous MacPorts check - but I like nagios because it maintains a history of previous events and has a flexible notification infrastructure.

But how to monitor the local TimeMachine backup status of a laptop with a centralized monitoring server like nagios?

The strategy I chose is to have a script on the local machine run daily (via an /etc/periodic/ entry) that scans for successful backups, fishes out the most recent success timestamp, and uses ssh to write it into a file on my nagios server. Then I wrote a quick nagios plugin that inspects the timestamp in that file and measures whether it is acceptably recent or not.
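As an added illustration of the two halves described above (this is example code, not the author's scripts), here is a laptop-side extractor plus push helper and a nagios-style freshness plugin. The log line format (`com.apple.backupd[...]: Backup completed successfully.` in /var/log/system.log, Snow Leopard era) and the BSD `date -j -f` conversion are assumptions; the plugin's thresholds are in seconds and its exit codes follow the nagios convention (0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN).

```shell
#!/bin/sh
# Added example, not part of the original post.
# Laptop side: last_success_line, stamp_to_epoch, push_timestamp
# Server side (nagios plugin): check_backup_age FILE WARN_SECS CRIT_SECS [NOW]

OK=0; WARNING=1; CRITICAL=2; UNKNOWN=3

# Newest "Backup completed successfully." line from a backupd syslog.
# Assumed line shape (constructed for this example):
#   Sep 11 03:12:44 mymac com.apple.backupd[124]: Backup completed successfully.
last_success_line() {
  grep 'backupd.*Backup completed successfully' "$1" | tail -n 1
}

# Convert the "Mon DD HH:MM:SS" prefix of such a line to epoch seconds.
# syslog stamps carry no year, so the current year is assumed. Uses BSD
# date(1) as found on Mac OS X; not exercised off a Mac.
stamp_to_epoch() {
  stamp=$(printf '%s\n' "$1" | cut -c1-15)
  date -j -f '%b %d %H:%M:%S %Y' "$stamp $(date +%Y)" +%s
}

# push_timestamp EPOCH USER@SERVER REMOTE_FILE
# Writes the epoch into the monitored file over ssh. Use a dedicated key
# restricted with command="..." in authorized_keys so the laptop's key can
# only append to that file.
push_timestamp() {
  printf '%s\n' "$1" | ssh "$2" "cat > '$3'"
}

# Grade the age of the timestamp stored in FILE. Prints a nagios status
# line (with perfdata) and returns the nagios exit code.
check_backup_age() {
  file=$1; warn=$2; crit=$3; now=${4:-$(date +%s)}
  if [ ! -r "$file" ]; then
    echo "BACKUP UNKNOWN - cannot read $file"; return $UNKNOWN
  fi
  last=$(head -n 1 "$file" | tr -d '[:space:]')
  case $last in
    ''|*[!0-9]*)
      echo "BACKUP UNKNOWN - $file does not contain an epoch timestamp"
      return $UNKNOWN ;;
  esac
  age=$((now - last))
  if [ "$age" -lt 0 ]; then
    echo "BACKUP UNKNOWN - timestamp in $file is in the future (clock skew?)"
    return $UNKNOWN
  fi
  hours=$((age / 3600))
  perf="age=${age}s;${warn};${crit}"
  if [ "$age" -ge "$crit" ]; then
    echo "BACKUP CRITICAL - last success ${hours}h ago|$perf"; return $CRITICAL
  elif [ "$age" -ge "$warn" ]; then
    echo "BACKUP WARNING - last success ${hours}h ago|$perf"; return $WARNING
  fi
  echo "BACKUP OK - last success ${hours}h ago|$perf"; return $OK
}

# Plugin entry point: ./check_backup_age.sh check /var/lib/nagios/laptop.ts 86400 259200
if [ "${1:-}" = "check" ]; then
  check_backup_age "$2" "$3" "$4"
  exit $?
fi
```

On the laptop the daily job would be `push_timestamp "$(stamp_to_epoch "$(last_success_line /var/log/system.log)")" nagios@server /var/lib/nagios/laptop.ts`; on the server, nagios runs the `check` entry point against that file. Treating an unreadable or malformed file as UNKNOWN rather than OK is deliberate: a laptop that has stopped reporting must not look healthy.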

If this is interesting to you - grab both of those little scripts from the link above and enjoy.

If you have a totally different strategy for monitoring local backup status, I'd be curious to hear it - please add a comment.

Sunday, July 18, 2010

At some point, if you work with sensitive information, you realize it's time to get serious about protecting the data from theft.

I'll assume you already have firewalls in place, surf the web safely and keep your software up to date. That should help reduce the risk the data is accessed while you are using your computer, but since MacBookPro laptops are portable and valuable, and TimeMachine backup drives are also portable and valuable, there is the real risk that they are physically stolen, putting your sensitive data at risk.

The solution to this is multi-part - first you need to make sure that your machine asks you for a password when it resumes from sleep or wakes up from a screensaver, and that it goes to sleep or to the screensaver quickly when unattended. This makes sure that someone can't just open the lid or move the mouse and get your data.

Now they are going to try to reboot. The second part is to make sure that you don't have auto-login enabled, so they'll have to enter a password to log in after rebooting.

You are mostly safe at this point, but did you know that Mac OS X install DVDs have a feature which lets you reset the root password on a laptop, if you boot from the DVD? They do. It is quite useful really - I've needed to use it - but it means that password protection isn't worth much at this level: a thief who wants your data can easily access it.

The last part of the solution handles this problem, by using encryption to make sure your data is inaccessible even if someone has physical access to your machine. The goal is to have your whole disk encrypted, with a pre-boot password required to decrypt it and get the OS running. I use PGP Whole Disk Encryption ("PGP WDE") for this purpose - it is commercial software but doesn't cost too much compared to exposing the sensitive data, and it is easy to use.

Assuming you have installed PGP WDE and have your laptop hard drive encrypted at this point, you are mostly secure, but what about your TimeMachine backups? That little external drive next to your computer still holds all your sensitive data, but it is not encrypted - you have moved the problem around but not solved it completely yet.

The next step then is to use PGP WDE on the TimeMachine drive, so it is encrypted as well. Now your data is fully protected, but you have a new problem - if your laptop dies for some reason and you need to restore from your TimeMachine drive, you can't - the Mac OS X install DVD you would use for the restore can't access the TimeMachine drive to restore from it, because it is encrypted!

Luckily, this is a solved problem. In a nutshell, what you want to do is to re-partition your TimeMachine drive and put an OS X install on it that you can use as a rescue, and you want a copy of the Mac OS X install DVD on that rescue install. Use TimeMachine to back up to a second partition on the TimeMachine drive, and now, following these excellent instructions, you have a tested and working self-contained encrypted backup of your laptop with all the tools you need to restore your computer if you have problems.
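The first two parts of the setup above (password on wake, no auto-login) are easy to drift out of, so here is an added self-audit script (example code, not from the original post) that grades them. It assumes the Mac OS X 10.6-era defaults(1) keys `askForPassword` and `askForPasswordDelay` in `com.apple.screensaver` and `autoLoginUser` in `/Library/Preferences/com.apple.loginwindow`; the whole-disk-encryption check is left as a hypothetical hook because the page does not describe a PGP WDE command line.

```shell
#!/bin/sh
# Added example, not part of the original post: audit the "ask for a
# password" settings from the post. Assumed keys:
#   com.apple.screensaver askForPassword       1 = prompt after sleep/screensaver
#   com.apple.screensaver askForPasswordDelay  grace period in seconds (unset = 0)
#   /Library/Preferences/com.apple.loginwindow autoLoginUser  present only if auto-login is on

MAX_DELAY=60   # policy: prompt within a minute of sleep/screensaver starting

# Pure decision logic so it can be exercised without a Mac.
# grade_settings ASKFORPASSWORD DELAY AUTOLOGINUSER
# Prints one finding per line; returns the number of findings.
grade_settings() {
  ask=$1; delay=$2; autologin=$3
  findings=0
  if [ "$ask" != "1" ]; then
    echo "FAIL: wake/screensaver does not ask for a password (askForPassword=${ask:-unset})"
    findings=$((findings + 1))
  fi
  case $delay in
    '') delay=0 ;;                 # unset key means prompt immediately
    *[!0-9]*)
      echo "FAIL: askForPasswordDelay is not a number ($delay)"
      findings=$((findings + 1)); delay=0 ;;
  esac
  if [ "$delay" -gt "$MAX_DELAY" ]; then
    echo "FAIL: password prompt delayed ${delay}s (policy max ${MAX_DELAY}s)"
    findings=$((findings + 1))
  fi
  if [ -n "$autologin" ]; then
    echo "FAIL: automatic login is enabled for '$autologin'"
    findings=$((findings + 1))
  fi
  [ "$findings" -eq 0 ] && echo "OK: password required on wake and at login"
  return $findings
}

# read_setting DOMAIN KEY -> value, or empty when the key is unset
# (defaults(1) exists only on Mac OS X; elsewhere this yields empty values).
read_setting() {
  defaults read "$1" "$2" 2>/dev/null || true
}

audit_mac() {
  grade_settings \
    "$(read_setting com.apple.screensaver askForPassword)" \
    "$(read_setting com.apple.screensaver askForPasswordDelay)" \
    "$(read_setting /Library/Preferences/com.apple.loginwindow autoLoginUser)"
  # Hypothetical hook for the third part of the setup: replace with the
  # status command of your whole-disk-encryption product.
  # wde_is_encrypted || echo "FAIL: boot disk is not encrypted"
}

# Run the live audit only when invoked with "audit"; functions stay importable.
if [ "${1:-}" = "audit" ]; then
  audit_mac
  exit $?
fi
```

Run it as `sh audit.sh audit` on the laptop; a non-zero exit code is the number of failed checks, which makes it easy to feed into the same nagios setup described in the September post.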